On 19/12/2019 22:52, Hector Santos wrote:
The fact is, there is a SMTP protocol rule of using a HELO/EHLO
[ip-literal] that MUST match the connection IP. If not, it is a
strong reason for rejection. I have wcSAP stats for that.
The thing is that RFC 5321 says you MUST NOT reject mail if the EHLO
parameter isn't "right".
"An SMTP server MAY verify that the domain name argument in the EHLO
command actually corresponds to the IP address of the client.
However, if the verification fails, the server MUST NOT refuse to
accept a message on that basis."
For the 'address literal' option, all it says is "an address literal
SHOULD be substituted for the
domain name" (note the word 'an' - no mention is made (AFAICS) of
any correctness requirement).
Note that I'm not arguing against tests which require that, just that
saying that the address literal MUST match the connection IP is going
beyond the standards (IMHO).
It's actually quite hard to automatically get a correct address literal
if you're behind NAT, and if you're also on a dynamic IP, then it's
approaching the impossible. Now, you may say that 'if the sender is on a
dynamic IP we don't want to receive mail from them', and that's a valid
viewpoint, but I'm not sure the SMTP standard should prohibit SMTP
senders being on dynamic IP addresses.
Paul Smith Computer Services
Tel: 01484 855800
Vat No: GB 685 6987 53
Sign up for news & updates at http://www.pscs.co.uk/go/subscribe
ietf-smtp mailing list